- 积分
- 106
- 鸿鹄币
- 个
- 好评度
- 点
- 精华
- 注册时间
- 2014-4-9
- 最后登录
- 1970-1-1
- 阅读权限
- 20
- 听众
- 收听
助理工程师
|
海外,88X 分过的,考试时故意错了几个题。参考了坛子里多个版本 (alomar,lining7, romantictriv等),在这里一并感谢。 感觉Alomar的124Q是最好的,因为有截图。Romantictriv的125Q VCE适合考前练习,没有截图,不便于记忆。
9 i9 _" [; F# i针对124Q的一些答案,我有自己的看法,在这里列出来,供后来者参考。记得是参考!!
* D2 [4 ]* A/ `8 i" wQ2,Which criteria does ASA use for packet classificaton if multiple contexts share an ingrss interface MAC address?
% r. l* E+ b9 IF, ASA NAT configuration
; s! a8 Y$ N. h! }) O
; M- ^. }9 ?/ D& ]Q18, SenderBase reputation scoring?$ [8 {5 S& y) N6 S+ ]3 H
D, You can configure a custom score threshold for whitelisting messages
0 o4 a& }) J0 [# b
$ Y$ Q# o1 w1 O' QQ19. Router(config)# cts sxp reconsiliation period 180
J1 ] ^) T Z r8 QB, If a peer reconects to the device within 120 seconds of terminating..
) h4 J1 S8 V& I: V$ nC. If a peer re-establiehes a conneciton to the device before hold-down timer expires....
4 k' U5 ^ Z7 \5 z# ?
! C- O" {+ W% I2 ]; l3 J8 ]$ b4 _Q27. which statement about securing conneciton using MACsee is true?
/ ^0 q& q' t$ Q3 W7 u4 f3 D$ |) R这个比较纠结,答案F it provides network layer encryption on a wired network 显然是错的,应该是MAC layer的加密+ ^+ Y, Q+ y+ Z6 B5 B8 }6 }
貌似可能的答案:4 r4 H/ T7 c! z
C. a switch use session keys to calculate encrypted packet ICV value..问题是,交换机是先decrypt packet之后再计算的ICV value r( d# ?, W( ~7 [7 @! x
D. switch configured for MACSec can accept MACSec frame from the MACSec client. 考前我觉得应该是这个,因为A device that uses MACsec accepts either MACsec or non-MACsec frames, depending on the policy associated with the client.但考试的时候答案稍微不同,多了一个字:switch configured for MACSec can ONLY accept MACSec frame from the MACSec client.6 @( w) D ?. K( C( Y) K( L
* A7 K/ a7 }- X3 F- B+ b4 ~Q41 which statement about Remote Triggerd Black Hoel5 B# d/ S3 l! l& b2 k v
E. it drops malicious traffic at the customer edge router by forwading it to a Null0 interface+ R5 @& d& o+ k7 Z
D显然是错的,因为RTBH可以基于source (RFC5635)或destination (RFC3883)做
" @* m8 n3 J% }4 g( R0 z5 }; l/ I- a% A
Q42 which statement about Cisco VSG functionality
) o' }5 \" M+ d# G+ oE. it provides trusted access to VMs in an enterprise data center 其实这个答案也不太对,但别的的答案都是明显错,比如( X9 Q. g* |1 f$ h
A it allows..security administrator to author and manage port profile - 应该是network administrato才能管理port profile,所以不对4 M, J) j6 ?; e+ g5 S- ]) e# G
7 q1 L5 D, @* v4 @: @: D) |* B5 J
Q52 which 3 similarities between container and virtual machines?8 `7 g2 ^' c9 M' R$ L
A. prviate space for processing, E. private network address F. allow custom routes 这是来自freecodecampe网站的一段原话
( x8 a" M8 S+ b- M, ^3 w9 g, V1 b+ d/ B" }3 C
Q58 in order to enable CA featue using SCEP, which 3 confguration steps2 O$ S7 j6 y! u- \; h0 e
B. set an authoritative clock source E. enable ip http server F. issue no shut under the crypto ski CCO上的参考配置/ ]( L0 X4 a; K. F, r. M
' t7 g$ y. b/ u; s7 l" Y* n
Q74 which security capablility cn best prevent zero-day malware and attacks?
. q8 }' S- E3 L% KB. threat intelligent. 不太可能是A. IPS 因为这里针对的是zero-day的malware% ~% m" R3 n0 R4 M& J
9 q: Z. E( W. a
Q90 configuring URL Redirect for Cisco ISE posture validation, you need to create redirect ACL's on switch and WLC, you will7 l2 q: _& i( x- ]: O1 c
B. Permit traffic to ISE on the switch ACL and deny traffic to ISE in the WLC ACL. 这个应该是实现redirect的标准做法,其它都不对
" p) R/ e- I4 a5 D0 b7 p
2 B3 z; n v" ZQ99 which of the following statement aobut CisocTrustSec is incorect. x3 R# E- |( t' `/ U
A. SXP is required for SGT propogation SGT propogation还有另外一种方式 (硬件支持)
% |4 E$ z ]0 X; r) Y$ o" ^ V$ }, U" v1 F
Q109 which statement correctly describe how DMVPN can be used to provide nework segmentation% [! h# X5 v V6 v9 S- w
B DVMPN can be used to transport MPLS packets inside of an mGRC tunnel
, B* l' s. ]2 Y6 L5 b
& `! p* B1 Q, U- y+ |' ?再次强调,这个是我个人的判断,仅供参考。祝考试顺利。" I9 B% A; C+ g2 r
% {% e; S% {$ f) v, E. u1 y8 U' E& N& _* J
, Y/ u% M9 @1 w% z8 D: c( |% l
|
评分
-
查看全部评分
|
简体中文
英语
日语
韩语
法语
西班牙语
越南语
泰语
阿拉伯语
俄语
葡萄牙语
德语
意大利语
希腊语
荷兰语
波兰语
保加利亚语
爱沙尼亚语
丹麦语
芬兰语
捷克语
罗马尼亚语
斯洛文尼亚语
瑞典语
匈牙利语
繁体中文
文言文
发表于 2019-12-8 23:10:03
置顶卡
喧嚣卡
变色卡
千斤顶
成长值: 8950